Nextcloud 13 slow on LAN. Works perfect on WAN or through VPN

Nextcloud version: 13.0.5
Operating system and version: Ubuntu Server 18.04
Apache or nginx version: nginx 1.15.2
PHP version: 7.2

I followed the install guide at https://www.c-rieger.de/nextcloud-13-nginx-installation-guide-for-ubuntu-18-04-lts/. I had another install using Apache and it did the same thing but was less responsive overall. I guess nginx and tuning it made a difference.

The issue you are facing:

When I try to access the server using a LAN connection it takes about 20 seconds to log in from the computer. Access from the apps (Nextcloud, Talk, and Notes) all take forever and sometimes time out trying to connect. When I access it from a WAN connection or through a VPN it works flawlessly. Could it be a problem with my router settings? I have a nice Ubiquiti setup but maybe I am missing something.

Is this the first time you’ve seen this error? (Y/N): N

The output of your Nextcloud log in Admin > Logging:

Not seeing anything but a bunch of errors for antivirus app installed but no ClamAV. Disabled app but no difference. Will update once log builds.

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

```
<?php
$CONFIG = array (
  'instanceid' => '********',
  'passwordsalt' => '********',
  'secret' => '********',
  'trusted_domains' =>
  array (
    0 => 'putnam.********.com',
    1 => 'putnam.********.com',
  ),
  'datadirectory' => '/mnt/nc-data/ncdata',
  'overwrite.cli.url' => 'putnam.*******.com',
  'dbtype' => 'mysql',
  'version' => '13.0.5.2',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'nc_user',
  'dbpassword' => '*******',
  'installed' => true,
  'activity_expire_days' => 14,
  'auth.bruteforce.protection.enabled' => true,
  'blacklisted_files' =>
  array (
    0 => '.htaccess',
    1 => 'Thumbs.db',
    2 => 'thumbs.db',
  ),
  'cron_log' => true,
  'enable_previews' => true,
  'enabledPreviewProviders' =>
  array (
    0 => 'OC\\Preview\\PNG',
    1 => 'OC\\Preview\\JPEG',
    2 => 'OC\\Preview\\GIF',
    3 => 'OC\\Preview\\BMP',
    4 => 'OC\\Preview\\XBitmap',
    5 => 'OC\\Preview\\Movie',
    6 => 'OC\\Preview\\PDF',
    7 => 'OC\\Preview\\MP3',
    8 => 'OC\\Preview\\TXT',
    9 => 'OC\\Preview\\MarkDown',
  ),
  'filesystem_check_changes' => 0,
  'filelocking.enabled' => 'true',
  'htaccess.RewriteBase' => '/',
  'integrity.check.disabled' => false,
  'knowledgebaseenabled' => false,
  'logfile' => '/var/nc_data/nextcloud.log',
  'loglevel' => 2,
  'logtimezone' => 'America/New_York',
  'log_rotate_size' => 104857600,
  'maintenance' => false,
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'overwriteprotocol' => 'https',
  'preview_max_x' => 1024,
  'preview_max_y' => 768,
  'preview_max_scale_factor' => 1,
  'redis' =>
  array (
    'host' => '/var/run/redis/redis-server.sock',
    'port' => 0,
    'timeout' => 0.0,
  ),
  'quota_include_external_storage' => false,
  'share_folder' => '/Shares',
  'skeletondirectory' => '',
  'theme' => '',
  'trashbin_retention_obligation' => 'auto, 7',
  'updater.release.channel' => 'stable',
  'mail_smtpmode' => 'smtp',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtpsecure' => 'ssl',
  'mail_smtpauth' => 1,
  'mail_smtpport' => '465',
  'mail_from_address' => '*********',
  'mail_domain' => 'gmail.com',
  'mail_smtphost' => 'smtp.gmail.com',
  'mail_smtpname' => '***********@gmail.com',
  'mail_smtppassword' => '*******',
);
```

The output of your Apache/nginx/system log in /var/log/____:

```
2018/07/24 23:52:58 [error] 5432#5432: *10 access forbidden by rule, client: 192.168.10.119, server: putnam.*****.com, request: "GET /data/htaccesstest.txt HTTP/1.1", host: "putnam.*****.com"
2018/07/25 01:07:37 [warn] 1732#1732: *3 an upstream response is buffered to a temporary file /var/cache/nginx/fastcgi_temp/1/00/0000000001 while reading upstream, client: 192.168.10.119, server: putnam.*****.com, request: "GET /remote.php/webdav/Media/Movies/TestVid(1).mp4 HTTP/2.0", upstream: "fastcgi://unix:/run/php/php7.2-fpm.sock:", host: "putnam.*****.com"
2018/07/25 01:07:45 [warn] 1732#1732: *3 an upstream response is buffered to a temporary file /var/cache/nginx/fastcgi_temp/2/00/0000000002 while reading upstream, client: 192.168.10.119, server: putnam.*****.com, request: "GET /remote.php/webdav/Media/Movies/TestVid(1).mp4 HTTP/2.0", upstream: "fastcgi://unix:/run/php/php7.2-fpm.sock:", host: "putnam.*****.com"
2018/07/25 01:35:56 [warn] 1732#1732: *1676 an upstream response is buffered to a temporary file /var/cache/nginx/fastcgi_temp/3/00/0000000003 while reading upstream, client: 192.168.10.119, server: putnam.*****.com, request: "GET /remote.php/dav/files/Jeremiah/Nextcloud%20Manual.pdf HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.2-fpm.sock:", host: "putnam.*****.com"
```

^ Client 192.168.10.119 is my router. 192.168.10.100 is the server.

Is that 192.168.10.100 or your router? Which URL are you using internally: 192.168.10.100 or putnam.*****.com?
What DNS server did you use as resolver in the nginx settings?

```
resolver 192.168.2.1;
# IPv4 and IPv6:
# resolver 192.168.2.1 [0:0:0:0:0:FFFF:C0A8:0201];
# resolver IP is your DNS e.g. your FritzBox/Router
resolver_timeout 10s;
```

.100 is the server, .119 is the router. The DNS is provided by Dyndns.com and goes to my public IP > router > forwarded port to server.

I might have the resolver setup confused. I have it set to the router: 192.168.10.119.

I am using putnam.***.com to access the page from the computer and the apps. If I try using the actual LAN IP it works fine but that doesn’t help with the apps. I would have connection problems then when it switches to a WAN connection.

Here is some information from the Nextcloud Logs:

```
Debug webdav Sabre\DAV\Exception\NotAuthenticated: Username or password was incorrect, No ‘Authorization: Bearer’ header found. Either the client didn’t send one, or the server is mis-configured 2018-07-25T16:02:01-0400
Info core Bruteforce attempt from “192.168.10.119” detected for action “login”. 2018-07-25T16:02:01-0400
Warning core Login failed: ‘Courtney’ (Remote IP: ‘192.168.10.119’) 2018-07-25T16:02:01-0400
Info admin_audit Login attempt: “Courtney” 2018-07-25T16:02:01-0400
Info core Bruteforce attempt from “192.168.10.119” detected for action “login”. 2018-07-25T16:01:31-0400
Warning core Login failed: ‘Courtney’ (Remote IP: ‘192.168.10.119’) 2018-07-25T16:01:31-0400
Info admin_audit Login attempt: “Courtney” 2018-07-25T16:01:31-0400
Debug webdav Sabre\DAV\Exception\NotAuthenticated: Username or password was incorrect, No ‘Authorization: Bearer’ header found. Either the client didn’t send one, or the server is mis-configured 2018-07-25T16:00:59-0400
Info core Bruteforce attempt from “192.168.10.119” detected for action “login”. 2018-07-25T16:00:59-0400
Warning core Login failed: ‘Courtney’ (Remote IP: ‘192.168.10.119’) 2018-07-25T16:00:59-0400
Info admin_audit Login attempt: “Courtney” 2018-07-25T16:00:59-0400
Info core Bruteforce attempt from “192.168.10.119” detected for action “login”. 2018-07-25T16:00:28-0400
Warning core Login failed: ‘Courtney’ (Remote IP: ‘192.168.10.119’) 2018-07-25T16:00:28-0400
Info admin_audit Login attempt: “Courtney” 2018-07-25T16:00:28-0400
Info admin_audit Login successful: “Jeremiah” 2018-07-25T16:00:17-0400
Info admin_audit Login attempt: “Jeremiah”
```

Sorry, I wasn’t clear.

Does the name putnam.xxx.com resolve to the IP address 192.168.10.100 or to the external address of your router?
And do you connect to Nextcloud from internal with https://192.168.10.100 or https://putnam.xxx.com?

The DNS name resolves to my external IP address. I’m not sure how to have it go directly to the server without port forwarding. As far as the connection in the internal network, I use the DNS address. If I use the local address on the local network it works, but my apps won’t work right when I change to an external network. There must be a fix somehow.

Also, I noticed in the log it is showing brute-force blocks from the router address. What is that about?

Anyone have any ideas? Being this close to it working perfectly is really aggravating me.

Did you ever figure out what was going on? I have a similar problem with apps on my phone being very slow when connected to my lan but work quickly when connected to cell service.

This problem seems like brute force protection kicking in. Have a look at my solution in this thread.

I disabled fail2ban as a test but issue remains.
Odd thing is I can access Nextcloud from my Windows laptop just fine while connected to my LAN. My phone is the device having trouble communicating while connected to my LAN. I have dnsmasq set up and my router pointed to my RPI IP. My phone shows the DNS is my RPI IP address but it’s still painfully slow and sometimes times out. Again, connected to my cell service, my phone connects to Nextcloud very quickly.
I have a network tool app on my phone and when I ping my domain name, it resolves to my RPI IP address.

Brute force protection has nothing to do with fail2ban! It is a feature of Nextcloud. Please have a look at your *_bruteforce_attempts database table. If there are rows inside, delete them and see if the problem goes away.

@DerFetzer, thanks for your help. I ended up starting over with a fresh install of NC which fixed the issue.

Actually, I did fix the problem. Sorry I totally forgot about this post and didn’t get to update it.

Like DerFetzer mentioned it was a brute force issue. I noticed it in the logs. It was trying to block the default route, so I installed an app called “brute-force settings”, listed my LAN networks on it, then cleared the database table. Everything works perfectly now.
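
Added example, not part of any post in this thread: a small Python check for the condition diagnosed above, where brute-force throttling lands on a LAN or gateway address that every internal client shares. The function name `summarize`, the sample log (constructed in the format of the excerpt posted earlier, with a documentation address 203.0.113.7 added for contrast) and the LAN range 192.168.10.0/24 are assumptions for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the format of the log excerpt posted in this thread.
SAMPLE_LOG = """\
Info core Bruteforce attempt from “192.168.10.119” detected for action “login”. 2018-07-25T16:02:01-0400
Warning core Login failed: ‘Courtney’ (Remote IP: ‘192.168.10.119’) 2018-07-25T16:02:01-0400
Info core Bruteforce attempt from “192.168.10.119” detected for action “login”. 2018-07-25T16:01:31-0400
Warning core Login failed: ‘Courtney’ (Remote IP: ‘192.168.10.119’) 2018-07-25T16:01:31-0400
Info core Bruteforce attempt from "203.0.113.7" detected for action "login". 2018-07-25T15:40:00-0400
Warning core Login failed: 'admin' (Remote IP: '203.0.113.7') 2018-07-25T15:40:00-0400
Info admin_audit Login successful: “Jeremiah” 2018-07-25T16:00:17-0400
"""

Q = "\"'“”‘’"  # straight and typographic quotes; pasted logs contain both
BRUTE_RE = re.compile(rf"Bruteforce attempt from [{Q}]([0-9A-Fa-f.:]+)[{Q}] detected for action [{Q}](\w+)[{Q}]")
FAILED_RE = re.compile(rf"Login failed: [{Q}]([^{Q}]+)[{Q}] \(Remote IP: [{Q}]([0-9A-Fa-f.:]+)[{Q}]\)")


def summarize(log_text, lan_networks):
    """Group brute-force hits by source IP and flag sources inside the LAN."""
    nets = [ipaddress.ip_network(n) for n in lan_networks]
    hits = defaultdict(lambda: {"attempts": 0, "users": set()})
    for line in log_text.splitlines():
        m = BRUTE_RE.search(line)
        if m:
            hits[m.group(1)]["attempts"] += 1
            continue
        m = FAILED_RE.search(line)
        if m:
            hits[m.group(2)]["users"].add(m.group(1))
    report = []
    for ip, info in sorted(hits.items()):
        addr = ipaddress.ip_address(ip)
        report.append({
            "ip": ip,
            "attempts": info["attempts"],
            "users": sorted(info["users"]),
            # A throttled LAN address means every client behind it shares the delay.
            "shared_lan_source": any(addr in n for n in nets),
        })
    return report


if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG, ["192.168.10.0/24"]):
        note = "LAN address: throttle hits all internal clients" if row["shared_lan_source"] else "external source"
        print(f'{row["ip"]}: {row["attempts"]} attempts, users={row["users"]} -> {note}')
```

A row with `shared_lan_source` set to true matches the situation in this thread: one account's failed logins throttle everyone who reaches the server through the same internal address.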